General

  • Target

    383d512f82313e22bd0ac97517b77f7179a3c77f5b39e5b2335013d2a2b0fafd

  • Size

    100KB

  • Sample

    241121-a6n4baxgml

  • MD5

    d72a4038c6bbc827edbe1acad62037c4

  • SHA1

    afd87e7be24df815bd2c0307f401517fb83cd2b4

  • SHA256

    383d512f82313e22bd0ac97517b77f7179a3c77f5b39e5b2335013d2a2b0fafd

  • SHA512

    4e6682861496180f95dbbb015cd2a4829727adff88de561396c09391fbe3c6e41302126b6b23818614c4efcfa0f7d8f0ed23a0b7bcbc4ec80028dc60c5a59138

  • SSDEEP

    3072:n/k3hbdlylKsgqopeJBWhZFGkE+cL2NdAFxe53lGvFTQ3IzxgdrvxpU0OKvMB:/k3hbdlylKsgqopeJBWhZFVE+W2NdAOK

Score
10/10

Malware Config

Extracted

  • Language

    hta

  • URLs

    hta.dropper

    http://185.7.214.7/fer/fe3.html

Targets

    • Target

      383d512f82313e22bd0ac97517b77f7179a3c77f5b39e5b2335013d2a2b0fafd

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request
